Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

An anonymous reader writes with some snippets pulled from a lengthy Q&A session at The New Yorker with former NSA head Keith Alexander, in which Alexander defends the collection of metadata by U.S. spy agencies both abroad and within the United States: "The probability of an attack getting through to the United States, just based on the sheer numbers, from 2012 to 2013, that I gave you—look at the statistics. If you go from just eleven thousand to twenty thousand, what does that tell you? That's more. That's fair, right? [..] These aren't my stats. The University of Maryland does it for the State Department. [...] The probability is growing. What I saw at N.S.A. is that there is a lot more coming our way. Just as someone is revealing all the tools and the capabilities we have. What that tells me is we're at greater risk. I can't measure it. You can't say, Well, is that enough to get through? I don't know. It means that the intel community, the military community, and law enforcement are going to work harder."

It's like a gold miner talking about how much gold they are going to get out of the mountain without even mentioning the massive amounts of toxic materials he is dumping directly into the town's reservoir.

....and in the end, you might still spend more on those cameras and guards than the reduction in theft; possibly even more than the total of all the theft, including the part you didn't stop.

Bruce Schnieir made a nice observation in one of his newsletters a while back about how security never makes money for anyone but security folks....for everyone else it is a cost...always a cost. A cost that may mitigate other costs, but, its always a cost itself....in fact, it can ONLY be a benefit up to the extent that it mitigates other costs.

That is, if you lose $10,000 a year to theft.... the absolute maximum you can ever save by implementing security is $10,000 a year, and every dollar you spend on that security reduces that benefit. If you hire a security gaurd for $40k/year... you are actually losing 4 times the maximum benefit his job can provide, before he even provides any benefit.... which is likely to only be a portion of that maximum.

So the absolute maximum benefit of all this surveillance, of all this tampering with equipment, of invading privacy and creating a massive database that would be the wet dream of the Stasi and only needs a change in policy to be used to terrible effect....the likely unachievable maximum benefit is bound.....well really fucking small.